List: ms-cryptoapi
Subject: Re: RE : CRT mode in OffloadModExpo
From: John Banes <jbanes () WINDOWS ! MICROSOFT ! COM>
Date: 2003-02-19 4:06:51
There's no standard mechanism for this, so you probably have come up
with something on your own. If the cache is going to contain elements of
the private key, then I would recommend encrypting this when not in use.
You should validate the input parameters so that you don't bluescreen
the system. That sort of thing.
You can use critical sections and reference counting to make the cache
thread safe. Just be sure not to hold on to a critical section when
performing an operation that blocks or uses a bunch of CPU cycles, or
else your performance will suffer.
Best of luck,
John
-----Original Message-----
From: Vitali [mailto:vitali@CIPHERACTIVE.COM]
Sent: Tuesday, February 18, 2003 3:43 AM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: RE : CRT mode in OffloadModExpo
Hi,
Thank you for the exhaustive answer; it REALLY helped to solve lots of
questions I had.
You write "The offload module may want to maintain a small cache...",
well Yes it does want ;-) very much... But how can I do it? Is there a
mechanism for managing such a cache? I mean without making security
holes, and thread safe.
--
Best regards,
Vitali mailto:vitali@cipheractive.com
Sunday, February 16, 2003, 10:54:38 PM, you wrote:
JB> From looking at the code, it appears that a pointer to an
JB> OFFLOAD_PRIVATE_KEY structure is passed in parameter 7 of the
JB> offload function. Using this information allows the offload module
JB> to easily compute the CRT constants. The offload module may want to
JB> maintain a small cache, so that it doesn't have to compute these
JB> constants for every private key operation.
JB> I think that this pointer is only provided on WinXP and Windows
JB> Server 2003, and only when a private key operation is being
JB> performed. It looks like this parameter is NULL when a public key
JB> operation is being performed.
JB> Note that with a bit of work, it's possible for an offload module to
JB> compute the CRT constants even without this structure. This may be
JB> something that you want to investigate when running on Win2K. I've
JB> heard that a couple of the more mathematically inclined hardware
JB> vendors have managed to get this to work. I have a description of
JB> the algorithm laying around somewhere, I think. I'll post it to the
JB> list later on if I can find it.
JB> It appears that the OFFLOAD_PRIVATE_KEY structure is not documented
JB> in MSDN. I'll see if I can get this fixed.
JB> //
JB> // Exponentiation Offload Entry Point Prototype
JB> //
JB> typedef struct _OFFLOAD_PRIVATE_KEY
JB> {
JB>     DWORD dwVersion;
JB>     DWORD cbPrime1;
JB>     DWORD cbPrime2;
JB>     PBYTE pbPrime1;    // "p"
JB>     PBYTE pbPrime2;    // "q"
JB> } OFFLOAD_PRIVATE_KEY, *POFFLOAD_PRIVATE_KEY;
JB>
JB> #define CUR_OFFLOAD_VERSION 1
JB>
JB> typedef BOOL (WINAPI *PFN_OFFLOAD_MOD_EXPO)(
JB>     IN PBYTE pbBase,
JB>     IN PBYTE pbExponent,
JB>     IN DWORD cbExponent,
JB>     IN PBYTE pbModulus,
JB>     IN DWORD cbModulus,
JB>     OUT PBYTE pbResult,
JB>     IN OPTIONAL PVOID pvOffloadPrivateKey,
JB>     IN DWORD dwFlags);
JB> Regards,
JB> John
JB> -----Original Message-----
JB> From: AUCOUTURIER Sebastien
JB> [mailto:sebastien.aucouturier@ZENCOD.COM]
JB> Sent: Thursday, February 13, 2003 1:50 AM
JB> To: CryptoAPI@DISCUSS.MICROSOFT.COM
JB> Subject: RE : CRT mode in OffloadModExpo
>>>The question:
>>>Is there a way to tell Windows to work in CRT mode when using the
JB> Offload feature.?
JB> Under W2k, I think the response is NO.
JB> But on platforms since XP, I think Yes...but nothing is documented!
JB> :-( Can someone help us?
JB> ----------------------------------------------------------------
JB> Users Guide http://discuss.microsoft.com/archives/mailfaq.asp
JB> contains important info. Save time, search the archives at
JB> http://discuss.microsoft.com/archives/index.html . To unsubscribe,
JB> mailto:CryptoAPI-signoff-request@DISCUSS.MICROSOFT.COM
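Added example, not part of the thread and not CryptoAPI code: Python integers stand in for an offload module's big-number routines to show the CRT constants derived from "p" and "q", the input checks, and a small cache whose lock is released during the slow computation. The function names, the little-endian buffer layout, the cache size and the cache key are assumptions made for this illustration.

```python
import hashlib
import threading

BYTE_ORDER = "little"   # assumption: buffers use a little-endian layout
MAX_ENTRIES = 8         # assumption: what "a small cache" means here
CACHE = {}              # key -> (p, q, dP, dQ, qInv); this is private-key material
CACHE_LOCK = threading.Lock()


def crt_constants(exponent, modulus, prime1, prime2):
    """Validate the caller's buffers, then return (p, q, dP, dQ, qInv)."""
    if not all((exponent, modulus, prime1, prime2)):
        raise ValueError("missing or empty buffer")
    d, n, p, q = (int.from_bytes(b, BYTE_ORDER)
                  for b in (exponent, modulus, prime1, prime2))
    if p < 3 or q < 3 or p == q or p * q != n:
        raise ValueError("primes do not match the modulus")
    if not 0 < d < n:
        raise ValueError("exponent out of range")
    return p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)  # qInv = q^-1 mod p


def cached_constants(exponent, modulus, prime1, prime2):
    """Look up or compute the constants; the lock only guards the dict."""
    key = hashlib.sha256(len(modulus).to_bytes(4, "little")
                         + modulus + exponent).digest()
    with CACHE_LOCK:
        entry = CACHE.get(key)        # on a hit the supplied primes are not used
    if entry is None:
        entry = crt_constants(exponent, modulus, prime1, prime2)  # lock not held
        with CACHE_LOCK:
            if key not in CACHE and len(CACHE) >= MAX_ENTRIES:
                CACHE.pop(next(iter(CACHE)))      # evict the oldest entry
            entry = CACHE.setdefault(key, entry)  # keep a racing thread's result
    return entry


def crt_mod_expo(base, exponent, modulus, prime1, prime2):
    """Return base^d mod n via two half-size exponentiations (Garner's formula)."""
    p, q, dp, dq, qinv = cached_constants(exponent, modulus, prime1, prime2)
    c = int.from_bytes(base, BYTE_ORDER)
    if c >= p * q:
        raise ValueError("base must be smaller than the modulus")
    m1, m2 = pow(c, dp, p), pow(c, dq, q)
    h = (qinv * (m1 - m2)) % p
    return (m2 + h * q).to_bytes(len(modulus), BYTE_ORDER)
```
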